259791
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to bypass Keitai authentication via a modified user ID in a request.
|
CWE-287
Improper Authentication
|
CVE-2013-6006
|
2013-12-31 00:22 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259792
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4424
|
2013-12-28 02:44 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259793
|
- |
|
chamilo
|
chamilo_lms
|
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remo…
|
CWE-89
SQL Injection
|
CVE-2013-6787
|
2013-12-28 02:40 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259794
|
- |
|
x
|
x_display_manager
|
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-2179
|
2013-12-28 01:00 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259795
|
- |
|
apple
|
quicktime
|
Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attack…
|
NVD-CWE-Other
|
CVE-2010-1819
|
2013-12-28 00:27 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259796
|
- |
|
apple
|
quicktime
|
Per: http://cwe.mitre.org/data/definitions/426.html
"CWE-426: Untrusted Search Path"
|
NVD-CWE-Other
|
CVE-2010-1819
|
2013-12-28 00:27 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259797
|
- |
|
redhat
|
enterprise_virtualization_hypervisor
|
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0430
|
2013-12-28 00:20 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259798
|
- |
|
novatech
|
orion5_dnp_master orion5_dnp_slave orion5r_dnp_master orion5r_dnp_slave orionlx_dnp_master orionlx_dnp_slave
|
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attacke…
|
CWE-20
Improper Input Validation
|
CVE-2013-2821
|
2013-12-27 01:44 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259799
|
- |
|
novatech
|
orion5_dnp_master orion5_dnp_slave orion5r_dnp_master orion5r_dnp_slave orionlx_dnp_master orionlx_dnp_slave
|
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically pro…
|
CWE-20
Improper Input Validation
|
CVE-2013-2822
|
2013-12-27 01:43 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259800
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4452
|
2013-12-27 00:50 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|